(feat): added captcha for invalid login
This commit is contained in:
boris
@@ -4,21 +4,39 @@ require_once("Models/User.php");
|
||||
|
||||
$user = new User();
|
||||
$userDataSet = new UserDataSet();
|
||||
|
||||
if (isset($_POST["loginButton"])) {
|
||||
$username = $_POST["username"];
|
||||
$password = hash("sha256", $_POST["password"]);
|
||||
if (isset($view->loginError)) {
|
||||
$generatedCaptcha = $_POST["generatedCaptcha"];
|
||||
$userCaptcha = $_POST["captcha"];
|
||||
|
||||
if ($generatedCaptcha !== $userCaptcha) {
|
||||
$view->loginError = "Incorrect CAPTCHA.";
|
||||
return;
|
||||
}
|
||||
}
|
||||
// create a new student dataset object that we can generate data from
|
||||
// Error handling is VERY hacky, because of the lack of JS usage.
|
||||
if($userDataSet->checkUserCredentials($username, $password)) {
|
||||
$user->Authenticate($username, $password);
|
||||
}
|
||||
else {
|
||||
echo "Error in Uname / Pass";
|
||||
}
|
||||
// Unset modal boolean to hide it's usage.
|
||||
unset($_GET['modal']);
|
||||
} else {
|
||||
// Add error message and redirect to display modal
|
||||
$view->loginError = "Invalid username or password.";
|
||||
// Set modal boolean to header to allow modal to reappear
|
||||
$queryParams = http_build_query(['modal' => 'true']);
|
||||
header("Location: {$_SERVER['PHP_SELF']}?$queryParams");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_POST["logoutButton"]))
|
||||
{
|
||||
$user->logout();
|
||||
}
|
||||
|
||||
if (isset($_GET['modal']) && $_GET['modal'] === 'true') {
|
||||
$view->loginError = $view->loginError ?? "Please solve the Captcha and try again.";
|
||||
}
|
||||
Reference in New Issue
Block a user